How to check if you are vulnerable to shellshock

 Guides, News  No Responses »
Sep 292014
 

The most new and dangerous bug around it’s the one called “shellshock”, this is a security bug in the widely used Unix Bash shell which was disclosed on 24 September 2014. Many Internet daemons, such as web servers, use Bash to process certain commands, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer system.

The bug causes Bash to unintentionally execute commands when they are stored in specially crafted environment variables. Within days, a series of further related vulnerabilities in Bash were found, leading to the need for further patches.

By 25 September, botnets based on computers compromised with this exploit were being used by attackers for distributed denial-of-service attacks and vulnerability scanning, source wikipedia

Let’s see how to check if your computer or server is vulnerable.
Continue reading »

Flattr this!

What goes around comes around: nearly half of DDoS attacked companies are hit twice or more

 Articles  No Responses »
Sep 082014
 

Guest post by Sophie Davidson

Modern day criminals are no longer entering banks with ski masks and pistols. Today’s felons are moving into cyberspace to accomplish their nefarious goals.

Remember the old adage, “a criminal always returns to the scene of the crime”? It turns out this maxim holds a lot of weight with regards to DDoS cybercrime.

Double DDoS

Recent research from BT revealed that about 41% of online businesses surveyed were victims of DDoS in the last 12 months. The more notable findings of the research showed that, of those attacked, over 78 percent were subsequently hit a second time shortly thereafter.

Distributed Denial of Service attacks or DDoS encompass a large variety of cyber threats designed to overwhelm a target’s server, or jam up their network. By disrupting a target’s resources, the hackers succeed in preventing normal traffic (such as users or customers) from passing through.

The effects of these attacks are potentially devastating. After being hit by a strong attack, it takes on average at least 12 hours to offer full service back to users.

What can happen in 12 hours? This sort of disruption could mean losing hundreds of thousands of dollars in revenue. Or, perhaps worse, the trust between the user and the online business, built up over months or years, could be lost in a matter of minutes.
Continue reading »

Flattr this!

PortSpoof – An interesting anti-snooping tool for Linux

 Articles  6 Responses »
Sep 192013
 

Fool those who try to portscan your system!
The Portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. It is meant to be a lightweight, fast, portable and secure addition to the any firewall system or security infrastructure.

The general goal of the program is to make the port scanning software (Nmap/Unicornscan/etc) process slow and output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task

Continue reading »

Flattr this!